Commit Graph

103 Commits

Author SHA1 Message Date
62c20b6e67 admin: add list of all tokens 2020-07-01 12:27:30 +02:00
4915205678 WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: don't cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
73116b9d1a policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as it's implicitly required
2020-06-05 12:00:27 +02:00
82d12ecfdf policies/expression: use pb_message() for messages instead of returning a tuple 2020-06-01 15:25:38 +02:00
24a3e787dd migrate to per-model UUID Primary key, remove UUIDModel (#26)
* *: migrate to per-model UUID Primary key, remove UUIDModel

* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
7bd65120b9 *: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 18:07:00 +02:00
227966e727 core: rename nonce to token 2020-05-16 16:11:53 +02:00
406f69080b Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
This reverts commit 7ed3ceb960.
2020-05-16 16:02:42 +02:00
7ed3ceb960 *: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through 2020-05-16 14:03:57 +02:00
7500e622f6 stages/invitation: start extracting invitation from core 2020-05-11 21:58:02 +02:00
69120da45c core: remove redundant views/forms 2020-05-11 00:49:48 +02:00
e989c61793 core: reduce default nonce time to 30 minutes 2020-05-10 20:15:56 +02:00
9bccf9bb0a policies/dummy: separate dummy policy from core into app 2020-05-10 02:14:55 +02:00
212e966dd4 factors: -> stage 2020-05-08 20:59:51 +02:00
995c87938f core: fix default Null causing issues in translation 2020-02-21 23:10:00 +01:00
26bf6fd22f all: add more helpful help_text to models 2020-02-21 15:12:16 +01:00
0b5caa85f5 all: sort imports and cleanup 2020-02-20 17:23:05 +01:00
2bef5f3911 policies: struct -> types to match core 2020-02-20 13:52:05 +01:00
3c2b8e5ee1 all: prefix all UI related methods with ui_, switch to property and return dataclass 2020-02-20 13:51:41 +01:00
2dfd93afb1 core: add more fields for metadata of applications 2020-02-20 13:45:22 +01:00
ac273aab75 core: raise PropertyMappingExpressionException when PropertyMapping returns Undefined 2020-02-19 16:18:31 +01:00
9267d0c1dd all: general maintenance, prepare for pyright 2020-02-18 22:12:51 +01:00
9f00843441 policies/expression: add Expression based policy 2020-02-18 15:12:50 +01:00
f31cd7dec6 core: check PropertyMapping's expression syntax before save 2020-02-18 15:12:05 +01:00
083e317028 lib: add helper method for 400 response with message 2020-02-18 10:13:53 +01:00
813b2676de providers/saml: better handle PropertyMapping evaluation errors 2020-02-18 10:12:42 +01:00
3aa2f1e892 *: propertymapping template -> expression 2020-02-17 20:38:14 +01:00
e6c47fee26 core: add template field to PropertyMapping 2020-02-17 17:47:51 +01:00
2be026dd44 global: fix import order 2020-02-14 15:17:40 +01:00
d9ecb7070d core: add more prometheus metrics 2020-01-19 21:01:26 +01:00
3bd1eadd51 all: implement black as code formatter 2019-12-31 12:51:16 +01:00
261d57ad7b Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/admin/views/invitations.py
#	passbook/admin/views/policy.py
#	passbook/admin/views/providers.py
#	passbook/admin/views/sources.py
#	passbook/admin/views/users.py
2019-10-15 15:09:11 +02:00
f1c4a62612 policy(major): fix error when policy.negate is enabled 2019-10-14 15:00:20 +02:00
358e39ced0 core(major): remove action field from policy 2019-10-14 13:57:38 +02:00
2ff1635696 core/sources(minor): refactor Source's property 2019-10-13 16:47:13 +02:00
fc69b6851d core(minor): tags -> attributes, add attributes to user, add propertymappings to source 2019-10-11 12:47:06 +02:00
143a575369 Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/core/models.py
2019-10-10 17:29:34 +02:00
3d8242be06 core(minor): add new, optional description field to nonce 2019-10-10 14:04:58 +02:00
3185a86b22 core(minor): add separate permission to reset user's password 2019-10-10 13:01:36 +02:00
a53f7a49ac root(minor): start implementing guardian 2019-10-10 10:45:51 +02:00
2e15b24f0a *(minor): switch has_user_settings to return Optional dataclass instead of tuple 2019-10-09 12:47:14 +02:00
f2acc154cd *(minor): small refactor 2019-10-07 16:33:48 +02:00
0b86231a36 *(minor): make better use of structured logging 2019-10-04 10:21:33 +02:00
c0df1f38b8 *(minor): remove __name__ param from get_logger 2019-10-04 10:08:53 +02:00
64b75cab84 policy(minor): add data class for policy request 2019-10-03 10:45:31 +02:00
fb8ccc0283 lint(minor): fix import order 2019-10-02 21:05:37 +00:00
de0b137b1e policy(minor): improve error handling 2019-10-02 22:28:39 +02:00
f4499a5459 *(minor): stdlib logging to structlog 2019-10-01 10:24:10 +02:00
b3aede5bba policy(minor): Move policy-related code to separate package 2019-10-01 10:17:39 +02:00
5d1a3043b2 create SSOLoginPolicy, which allows factors to be applied when user comes from SSO login
implement SESSIION_IS_SSO_LOGIN for OAuth Client and core MFA
2019-04-29 23:19:37 +02:00